Web Hosting Talk

Forging Web Addresses in IE

MikeM
03-23-2004, 10:32 PM
A while back there was a "vulnerability" discussed here where a user could create a link to what appeared to be a valid website, but actually resolved to a different one.

I am trying to explain to one of my managers how this works, but I never really paid attention.

Can someone point me in the right direction??

Dan L
03-23-2004, 10:35 PM
Basically, a common method of entering a password is:

username:password@domain.com

Well, people make the username look like the domain name, then add random characters so people don't realize that it's actually a login key.

That's what I know.. I'm probably wrong.

brendandonhu
03-23-2004, 10:37 PM
It's probably better to not post the exploit here....but you can find it if you want. I'm pretty sure it was discussed on Slashdot as well as BugTraq/SecurityFocus type sites.

Basically you can insert a special character into a link, so it looks like the link is pointing to one place, and it actually takes you to another.

MikeM
03-23-2004, 10:38 PM
Not quite what I meant..

It was something like

Create a link www.webhostingtalk.com

but when you click it it actually goes to www.hosthideout.com

Hostex Australia
03-23-2004, 10:51 PM
never heard of this bug....I'm not sure how it would work though :)

MikeM
03-23-2004, 10:58 PM
I got it thanks...

Using bugtraq, I got the name and then went to Microsoft for the Data.

Thanx

ilyash
03-23-2004, 11:00 PM
I think this is what you meant..
[IE patched this a while ago]
http://www.microsoft.com%@http://www.webhostingtalk.com

that would go to www.webhostingtalk.com instead of ms

MikeM
03-23-2004, 11:02 PM
yup ... except that you can hide the url so the person clicking it doesn't know they are going to another site.

It's the Microsoft Internet Explorer HTTP Request Encoding Vulnerability

The Dude
03-23-2004, 11:54 PM
Originally posted by ilyash
I think this is what you meant..
[IE patched this a while ago]
http://www.microsoft.com%@http://www.webhostingtalk.com

that would go to www.webhostingtalk.com instead of ms

I tried going to this in latest MyIE2 and it wouldn't go anywhere!!!!!!!!!! Just sat at a blank page, wouldn't load, nothin'!!!

The Dude :D

hfunny
03-23-2004, 11:55 PM
:bawling:

RDX1
03-24-2004, 04:13 AM
It's called use another browser. I liked IE and after ActiveX screwed around with me I changed. That bug didn't bother me as I'm usually careful and if I'm going somewhere where I don't want my information public I'll type in the URL manually. PayPal, eBay, Amazon, Banking.

Also, don't click on any links asking you for your account information unless you ask for it. That and type it in manually/view the source.
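
The links discussed in this thread mislead because everything before an `@` in a URL's authority is userinfo, not the host the browser contacts. As an added example that is not part of any post in the thread, this JavaScript check flags links whose userinfo looks like a hostname or whose visible text names a different host than the href; the function names, finding labels and sample links are assumptions constructed for illustration.

```javascript
// Added example; the sample links below are constructed.
const HOSTLIKE = /^([a-z0-9-]+\.)+[a-z]{2,}$/i; // loose "looks like a DNS name"

// Extract a hostname from link text such as "www.example.com" or
// "http://www.example.com/login"; null when the text is not host-like.
function hostFromText(text) {
  const t = text.trim();
  try {
    const u = new URL(/^[a-z][a-z0-9+.-]*:\/\//i.test(t) ? t : "http://" + t);
    return HOSTLIKE.test(u.hostname) ? u.hostname : null;
  } catch {
    return null;
  }
}

// Return a list of findings for one link (visible text plus href).
function auditLink(text, href) {
  let url;
  try {
    url = new URL(href); // WHATWG URL Standard parser
  } catch {
    return ["unparseable-href"];
  }
  const findings = [];
  if (url.username || url.password) {
    findings.push("userinfo-present");
    // Ignore percent-escaped padding after the host-like prefix.
    if (HOSTLIKE.test(url.username.split("%")[0])) {
      findings.push("userinfo-looks-like-host");
    }
  }
  const shown = hostFromText(text);
  if (shown && shown !== url.hostname) findings.push("text-host-mismatch");
  return findings;
}

const samples = [
  ["www.example.com", "http://www.example.com/"],
  ["Sign in", "http://www.example.com@login.example.net/"],
  ["www.example.com", "http://www.example.net/"],
];
for (const [text, href] of samples) {
  console.log(href, "->", auditLink(text, href).join(", ") || "ok");
}
```

A mail filter or link-preview tool could run `auditLink` over every anchor in a message and hold anything that returns a non-empty list for review.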